Back to skill

Security audit

TRMNL

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it sends user messages to one fixed TRMNL webhook whose ownership is not established.

Install only if you recognize and trust the hard-coded TRMNL webhook as the display you intend to use. Avoid sending private reminders, credentials, internal status, or sensitive image links until the skill supports a user-configured webhook or clearly confirms the destination before posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends user-provided content to a third-party webhook endpoint but does not warn the user that their message will leave the local agent environment. This can cause unintended disclosure of sensitive or private information if the skill is invoked for routine notifications without explicit informed consent.

Vague Triggers

Low
Confidence
83% confidence
Finding
The invocation guidance is broad enough that the skill may activate on generic requests to display text, notifications, or updates, increasing the chance of accidental use. In combination with the external webhook action, this broad trigger surface can lead to unintended transmission of user content to a remote service.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.